<?php
/**
* 会员管理操作
*
* @version $id:member_do.php 13:47 2010年7月19日 tianya $
* @package DedeBIZ.Administrator
* @copyright Copyright (c) 2022 DedeBIZ.COM
* @license https://www.dedebiz.com/license
* @link https://www.dedebiz.com
*/
require_once(dirname(__FILE__)."/config.php");
require_once(DEDEINC."/libraries/oxwindow.class.php");
if (empty($dopost)) $dopost = '';
if (empty($fmdo)) $fmdo = '';
$ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';
//删除会员
if ($dopost == "delmember") {
CheckPurview('member_Del');
if ($fmdo == 'yes') {
$id = preg_replace("#[^0-9]#", '', $id);
$safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);
if ($safecodeok != $safecode) {
ShowMsg("请填写正确的验证安全码", "member_do.php?id={$id}&dopost=delmember");
exit();
}
if (!empty($id)) {
//删除会员信息
$row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='$id' LIMIT 1 ");
$rs = 0;
if ($row['matt'] == 10) {
$nrow = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id' LIMIT 1 ");
//已经删除关连的管理员帐号
if (!is_array($nrow)) $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");
} else {
$rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");
}
if ($rs > 0) {
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid='$id' LIMIT 1");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid='$id' LIMIT 1");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid='$id' LIMIT 1");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid='$id' LIMIT 1");
//删除会员相关数据
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid='$id' ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid='$id' ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid='$id' ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid='$id' Or fromid='$id' ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid='$id' Or fid='$id' ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid='$id' ");
$dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid='$id'");
} else {
ShowMsg("无法删除此会员,如果这个会员是管理员,<br>必须先删除这个管理员才能删除此帐号", $ENV_GOBACK_URL, 0, 5000);
exit();
}
}
ShowMsg("成功删除一个会员", $ENV_GOBACK_URL);
exit();
}
$randcode = mt_rand(10000, 99999);
$safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);
$wintitle = "会员管理-删除会员";
$wecome_info = "<a href='".$ENV_GOBACK_URL."'>会员管理</a>::删除会员";
$win = new OxWindow();
$win->Init("member_do.php", "js/blank.js", "POST");
$win->AddHidden("fmdo", "yes");
$win->AddHidden("dopost", $dopost);
$win->AddHidden("id", $id);
$win->AddHidden("randcode", $randcode);
$win->AddHidden("safecode", $safecode);
$win->AddTitle("您确定要删除id<span class='text-primary'>".$id."</span>会员吗");
$win->AddMsgItem("验证安全码:<input name='safecode' type='text' id='safecode' class='admin-input-md'>(安全码:<span class='text-primary'>$safecode</span>)", "30");
$winform = $win->GetWindow("ok");
$win->Display();
} else if ($dopost == "delmembers") {
CheckPurview('member_Del');
if ($fmdo == 'yes') {
$safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);
if ($safecodeok != $safecode) {
ShowMsg("请填写正确的验证安全码", "member_do.php?id={$id}&dopost=delmembers");
exit();
}
if (!empty($id)) {
//删除会员信息
$rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid IN (".str_replace("`", ",", $id).") And matt<>10 ");
if ($rs > 0) {
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid IN (".str_replace("`", ",", $id).") ");
//删除会员相关数据
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid IN (".str_replace("`", ",", $id).") Or fromid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid IN (".str_replace("`", ",", $id).") Or fid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid IN (".str_replace("`", ",", $id).") ");
$dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid IN (".str_replace("`", ",", $id).")");
} else {
ShowMsg("无法删除此会员,如果这个会员是管理员关连的id,<br>必须先删除这个管理员才能删除此帐号", $ENV_GOBACK_URL, 0, 3000);
exit();
}
}
ShowMsg("成功删除这些会员", $ENV_GOBACK_URL);
exit();
}
$randcode = mt_rand(10000, 99999);
$safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);
$wintitle = "会员管理-删除会员";
$wecome_info = "<a href='".$ENV_GOBACK_URL."'>会员管理</a>::删除会员";
$win = new OxWindow();
$win->Init("member_do.php", "js/blank.js", "POST");
$win->AddHidden("fmdo", "yes");
$win->AddHidden("dopost", $dopost);
$win->AddHidden("id", $id);
$win->AddHidden("randcode", $randcode);
$win->AddHidden("safecode", $safecode);
$win->AddTitle("您确定要删除id<span class='text-primary'>".$id."</span>会员吗");
$win->AddMsgItem("验证安全码:<input name='safecode' type='text' id='safecode' size='16' class='admin-input-md' /> (安全码:<span class='text-primary'>$safecode</span>)", "30");
$winform = $win->GetWindow("ok");
$win->Display();
}
//推荐会员
else if ($dopost == "recommend") {
CheckPurview('member_Edit');
$id = preg_replace("#[^0-9]#", "", $id);
if ($matt == 0) {
$dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=1 WHERE mid='$id' AND matt<>10 LIMIT 1");
ShowMsg("成功设置一个会员推荐", $ENV_GOBACK_URL);
exit();
} else {
$dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=0 WHERE mid='$id' AND matt<>10 LIMIT 1");
ShowMsg("成功取消一个会员推荐", $ENV_GOBACK_URL);
exit();
}
}
//修改会员
else if ($dopost == 'edituser') {
CheckPurview('member_Edit');
$send_max = isset($send_max)? intval($send_max) : 0;
$user_money = isset($user_money)? floatval($user_money) : 0.0;
$money = isset($money)? intval($money) : 0;
$scores = isset($scores)? intval($scores) : 0;
$rank = isset($rank)? intval($rank) : 0;
$id = isset($id)? intval($id) : 0;
$email = isset($email)? HtmlReplace($email,1) : '';
$uname = isset($uname)? HtmlReplace($uname,1) : '';
$spacesta = isset($spacesta)? HtmlReplace($spacesta,1) : '';
$exptime = isset($exptime)? HtmlReplace($exptime,1) : '';
if (!isset($_POST['id'])) exit('dedebiz');
$pwdsql = empty($pwd) ? '' : ",pwd='".md5($pwd)."'";
if (function_exists('password_hash')) {
$pwdsql = empty($pwd) ? '' : ",pwd_new='".password_hash($pwd, PASSWORD_BCRYPT)."'";
}
if (empty($sex)) $sex = '男';
$uptime = GetMkTime($uptime);
if ($matt == 10 && $oldmatt != 10) {
ShowMsg("不支持直接把前台会员转为管理的操作", "-1");
exit();
}
$query = "UPDATE `#@__member` SET send_max='$send_max',email='$email',uname='$uname',sex='$sex',matt='$matt',user_money='$user_money',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' AND matt<>10 ";
$rs = $dsql->ExecuteNoneQuery2($query);
if ($rs == 0) {
$query = "UPDATE `#@__member` SET email='$email',uname='$uname',sex='$sex',user_money='$user_money',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' ";
$rs = $dsql->ExecuteNoneQuery2($query);
}
ShowMsg('成功修改会员资料', 'member_view.php?id='.$id);
exit();
}
//登录会员
else if ($dopost == "memberlogin") {
CheckPurview('member_Edit');
PutCookie('DedeUserID', $id, 1800);
PutCookie('DedeLoginTime', time(), 1800);
if (empty($jumpurl)) header("location:../user/index.php");
else header("location:$jumpurl");
} else if ($dopost == "deoperations") {
$nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));
$nid = explode(',', $nid);
if (is_array($nid)) {
foreach ($nid as $var) {
$query = "DELETE FROM `#@__member_operation` WHERE aid = '$var'";
$dsql->ExecuteNoneQuery($query);
}
ShowMsg("删除成功", "member_operations.php");
exit();
}
} else if ($dopost == "upoperations") {
$nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));
$nid = explode(',', $nid);
if (is_array($nid)) {
foreach ($nid as $var) {
$moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE aid='$var'");
if ($moRow['sta'] == 0) {
$query = "UPDATE `#@__member_operation` SET sta = '1' WHERE aid = '$var'";
$dsql->ExecuteNoneQuery($query);
}
}
ShowMsg("设置成功", "member_operations.php");
exit();
}
} else if ($dopost == "okoperations") {
$nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));
$nid = explode(',', $nid);
if (is_array($nid)) {
foreach ($nid as $var) {
$moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE aid='$var'");
if ($moRow['sta'] == 1) {
if ($moRow['product'] === "card") {
//积分
$proRow = $dsql->GetOne("SELECT * FROM `#@__moneycard_type` WHERE tid={$moRow['pid']}");
$query = "UPDATE `#@__member` SET money = money+{$proRow['num']} WHERE mid = '{$moRow['mid']}'";
$dsql->ExecuteNoneQuery($query);
} else if ($moRow['product'] === "member"){
$row = $dsql->GetOne("SELECT * FROM `#@__member_type` WHERE aid='{$moRow['pid']}'");
$rank = $row['rank'];
$exptime = $row['exptime'];
$rs = $dsql->GetOne("SELECT uptime,exptime FROM `#@__member` WHERE mid='".$moRow['mid']."'");
if ($rs['uptime']!=0 && $rs['exptime']!=0) {
$nowtime = time();
$mhasDay = $rs['exptime'] - ceil(($nowtime - $rs['uptime'])/3600/24) + 1;
$mhasDay=($mhasDay>0)? $mhasDay : 0;
}
$memrank = $dsql->GetOne("SELECT money,scores FROM `#@__arcrank` WHERE `rank`='$rank'");
//更新会员信息
$sqlm = "UPDATE `#@__member` SET `rank`='$rank',`money`=`money`+'{$memrank['money']}',scores=scores+'{$memrank['scores']}',exptime='$exptime'+'$mhasDay',uptime='".time()."' WHERE mid='".$moRow['mid']."'";
$sqlmo = "UPDATE `#@__member_operation` SET sta='2',oldinfo='会员升级成功' WHERE buyid='{$moRow['pid']}' ";
if (!($dsql->ExecuteNoneQuery($sqlm) && $dsql->ExecuteNoneQuery($sqlmo))) {
ShowMsg("升级会员失败", "javascript:;");
exit;
}
}
$query = "UPDATE `#@__member_operation` SET sta = '2' WHERE aid = '$var'";
$dsql->ExecuteNoneQuery($query);
}
ShowMsg("设置成功", "member_operations.php");
exit();
}
}
}
?>